plan-to-tdd
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill follows best practices for guiding an agent through a development workflow.
- [PROMPT_INJECTION]: The skill processes input from feature plan files located in the
docs/plan/directory. While this represents a surface for indirect prompt injection, it is the primary intended function of the skill and no specific exploitation patterns were found. 1. Ingestion points: Reads from markdown files indocs/plan/. 2. Boundary markers: None explicitly defined. 3. Capability inventory: Generates test scripts and implementation code. 4. Sanitization: Not explicitly mentioned in the provided steps.
Audit Metadata